angstwad / docker.ubuntu Goto Github PK
View Code? Open in Web Editor NEWDocker role for Ansible on Ubuntu 14.04+
Home Page: https://galaxy.ansible.com/angstwad/docker_ubuntu/
License: Apache License 2.0
Docker role for Ansible on Ubuntu 14.04+
Home Page: https://galaxy.ansible.com/angstwad/docker_ubuntu/
License: Apache License 2.0
Hello,
I use this role to provision an ubuntu server, if the server restarts docker doesn't start with it.
Is there a way to setup that in this playbook ?
Thank you
Hi, i'm executing the role against a 14.04 box and got this:
TASK: [angstwad.docker_ubuntu | Fail if not a new release of Ubuntu] **********
fatal: [localhost] => error while evaluating conditional: ansible_distribution_version|version_compare(12.04, '<') or ansible_distribution_version|version_compare(12.10, '=')
I have use debug to print my box ansible_distribution version:
TASK: [debug var={{ansible_distribution_version}}] ****************************
ok: [localhost] => {
"14.04": "14.04"
}
$>ansible --version
ansible 1.5.4
GitHub repository description points to a 404 link. The correct one is: https://galaxy.ansible.com/list#/roles/292. Can you please fix it?
It would be helpful to allow the ssh port to be overridden based on the inventory file settings. I can submit a PR if you'd like but its really just changing the two lines in tasks/main.yml
- name: Wait for instance to come online
local_action:
module: wait_for
host: "{{ hostvars[server_name]['ansible_ssh_host'] }}"
port: "{{ hostvars[server_name]['ansible_ssh_port'] }}"
delay: 30
timeout: 600
state: started
sudo: no
when: "ansible_distribution_version == '12.04' and reboot_result|success"
EDIT: Additionally, explicitly disabling sudo for the local_action port check is nice. It seems that local_action with sudo enabled is annoying and requires
I didn't try the second approach honestly, as disabling sudo works just as well if not arguably better.
I see that the code pulled via ansible-galaxy is old. Is it recommended to point at github repo as the source in requirements.yml?
ASK [angstwad.docker_ubuntu : Install pip, python-dev package with apt] *******
failed: [default] => (item=[u'python-dev', u'python-pip']) => {"cache_update_time": 1459425282, "cache_updated": true, "failed": true, "item": ["python-dev", "python-pip"], "msg": "'/usr/bin/apt-get -y -o \"Dpkg::Options::=--force-confdef\" -o \"Dpkg::Options::=--force-confold\" install 'python-dev' 'python-pip'' failed: E: Failed to fetch http://archive.ubuntu.com/ubuntu/pool/main/p/python-setuptools/python-setuptools-whl_3.3-1ubuntu2_all.deb Connection failed [IP: 91.189.91.15 80]\n\nE: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?\n", "stderr": "E: Failed to fetch http://archive.ubuntu.com/ubuntu/pool/main/p/python-setuptools/python-setuptools-whl_3.3-1ubuntu2_all.deb Connection failed [IP: 91.189.91.15 80]\n\nE: Unable to fetch some archives, maybe run apt-get update or try with --fix-missing?\n", "stdout": "Reading package lists...\nBuilding dependency tree...\nReading state information...\nThe following extra packages will be installed:\n build-essential dpkg-dev g++ g++-4.8 libalgorithm-diff-perl\n libalgorithm-diff-xs-perl libalgorithm-merge-perl libdpkg-perl libexpat1-dev\n libfile-fcntllock-perl libpython-dev libpython2.7-dev libstdc++-4.8-dev\n python-chardet-whl python-colorama python-colorama-whl python-distlib\n python-distlib-whl python-html5lib python-html5lib-whl python-pip-whl\n python-requests-whl python-setuptools python-setuptools-whl python-six-whl\n python-urllib3-whl python-wheel python2.7-dev python3-pkg-resources\nSuggested packages:\n debian-keyring g++-multilib g++-4.8-multilib gcc-4.8-doc libstdc++6-4.8-dbg\n libstdc++-4.8-doc python-genshi python-lxml python3-setuptools\nRecommended packages:\n python-dev-all\nThe following NEW packages will be installed:\n build-essential dpkg-dev g++ g++-4.8 libalgorithm-diff-perl\n libalgorithm-diff-xs-perl libalgorithm-merge-perl libdpkg-perl libexpat1-dev\n libfile-fcntllock-perl libpython-dev libpython2.7-dev libstdc++-4.8-dev\n python-chardet-whl python-colorama python-colorama-whl python-dev\n python-distlib python-distlib-whl python-html5lib python-html5lib-whl\n python-pip python-pip-whl python-requests-whl python-setuptools\n python-setuptools-whl python-six-whl python-urllib3-whl python-wheel\n python2.7-dev python3-pkg-resources\n0 upgraded, 31 newly installed, 0 to remove and 8 not upgraded.\nNeed to get 44.3 MB of archives.\nAfter this operation, 83.2 MB of additional disk space will be used.\nGet:1 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libexpat1-dev amd64 2.1.0-4ubuntu1.1 [115 kB]\nGet:2 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libpython2.7-dev amd64 2.7.6-8ubuntu0.2 [22.0 MB]\nGet:3 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libstdc++-4.8-dev amd64 4.8.4-2ubuntu1~14.04.1 [1051 kB]\nGet:4 http://archive.ubuntu.com/ubuntu/ trusty-updates/main g++-4.8 amd64 4.8.4-2ubuntu1~14.04.1 [18.1 MB]\nGet:5 http://archive.ubuntu.com/ubuntu/ trusty/main g++ amd64 4:4.8.2-1ubuntu6 [1490 B]\nGet:6 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libdpkg-perl all 1.17.5ubuntu5.5 [179 kB]\nGet:7 http://archive.ubuntu.com/ubuntu/ trusty-updates/main dpkg-dev all 1.17.5ubuntu5.5 [726 kB]\nGet:8 http://archive.ubuntu.com/ubuntu/ trusty/main build-essential amd64 11.6ubuntu6 [4838 B]\nGet:9 http://archive.ubuntu.com/ubuntu/ trusty/main libalgorithm-diff-perl all 1.19.02-3 [50.0 kB]\nGet:10 http://archive.ubuntu.com/ubuntu/ trusty/main libalgorithm-diff-xs-perl amd64 0.04-2build4 [12.6 kB]\nGet:11 http://archive.ubuntu.com/ubuntu/ trusty/main libalgorithm-merge-perl all 0.08-2 [12.7 kB]\nGet:12 http://archive.ubuntu.com/ubuntu/ trusty/main libfile-fcntllock-perl amd64 0.14-2build1 [15.9 kB]\nGet:13 http://archive.ubuntu.com/ubuntu/ trusty/main libpython-dev amd64 2.7.5-5ubuntu3 [7078 B]\nGet:14 http://archive.ubuntu.com/ubuntu/ trusty-updates/main python3-pkg-resources all 3.3-1ubuntu2 [31.7 kB]\nGet:15 http://archive.ubuntu.com/ubuntu/ trusty-updates/universe python-chardet-whl all 2.2.1-2~ubuntu1 [170 kB]\nGet:16 http://archive.ubuntu.com/ubuntu/ trusty-updates/universe python-colorama all 0.2.5-0.1ubuntu2 [18.4 kB]\nGet:17 http://archive.ubuntu.com/ubuntu/ trusty-updates/universe python-colorama-whl all 0.2.5-0.1ubuntu2 [18.2 kB]\nGet:18 http://archive.ubuntu.com/ubuntu/ trusty-updates/main python2.7-dev amd64 2.7.6-8ubuntu0.2 [269 kB]\nGet:19 http://archive.ubuntu.com/ubuntu/ trusty/main python-dev amd64 2.7.5-5ubuntu3 [1166 B]\nGet:20 http://archive.ubuntu.com/ubuntu/ trusty-updates/universe python-distlib all 0.1.8-1ubuntu1 [113 kB]\nGet:21 http://archive.ubuntu.com/ubuntu/ trusty-updates/universe python-distlib-whl all 0.1.8-1ubuntu1 [140 kB]\nGet:22 http://archive.ubuntu.com/ubuntu/ trusty-updates/main python-html5lib all 0.999-3~ubuntu1 [83.5 kB]\nGet:23 http://archive.ubuntu.com/ubuntu/ trusty-updates/main python-html5lib-whl all 0.999-3~ubuntu1 [109 kB]\nGet:24 http://archive.ubuntu.com/ubuntu/ trusty-updates/main python-six-whl all 1.5.2-1ubuntu1 [10.5 kB]\nGet:25 http://archive.ubuntu.com/ubuntu/ trusty-updates/main python-urllib3-whl all 1.7.1-1ubuntu4 [64.0 kB]\nGet:26 http://archive.ubuntu.com/ubuntu/ trusty-updates/main python-requests-whl all 2.2.1-1ubuntu0.3 [227 kB]\nErr http://archive.ubuntu.com/ubuntu/ trusty-updates/main python-setuptools-whl all 3.3-1ubuntu2\n Connection failed [IP: 91.189.91.15 80]\nGet:27 http://archive.ubuntu.com/ubuntu/ trusty-updates/universe python-pip-whl all 1.5.4-1ubuntu3 [111 kB]\nGet:28 http://archive.ubuntu.com/ubuntu/ trusty-updates/main python-setuptools all 3.3-1ubuntu2 [230 kB]\nGet:29 http://archive.ubuntu.com/ubuntu/ trusty-updates/universe python-pip all 1.5.4-1ubuntu3 [97.2 kB]\nGet:30 http://archive.ubuntu.com/ubuntu/ trusty-updates/main python-wheel all 0.24.0-1~ubuntu1 [44.7 kB]\nFetched 44.1 MB in 2min 15s (326 kB/s)\n", "stdout_lines": ["Reading package lists...", "Building dependency tree...", "Reading state information...", "The following extra packages will be installed:", " build-essential dpkg-dev g++ g++-4.8 libalgorithm-diff-perl", " libalgorithm-diff-xs-perl libalgorithm-merge-perl libdpkg-perl libexpat1-dev", " libfile-fcntllock-perl libpython-dev libpython2.7-dev libstdc++-4.8-dev", " python-chardet-whl python-colorama python-colorama-whl python-distlib", " python-distlib-whl python-html5lib python-html5lib-whl python-pip-whl", " python-requests-whl python-setuptools python-setuptools-whl python-six-whl", " python-urllib3-whl python-wheel python2.7-dev python3-pkg-resources", "Suggested packages:", " debian-keyring g++-multilib g++-4.8-multilib gcc-4.8-doc libstdc++6-4.8-dbg", " libstdc++-4.8-doc python-genshi python-lxml python3-setuptools", "Recommended packages:", " python-dev-all", "The following NEW packages will be installed:", " build-essential dpkg-dev g++ g++-4.8 libalgorithm-diff-perl", " libalgorithm-diff-xs-perl libalgorithm-merge-perl libdpkg-perl libexpat1-dev", " libfile-fcntllock-perl libpython-dev libpython2.7-dev libstdc++-4.8-dev", " python-chardet-whl python-colorama python-colorama-whl python-dev", " python-distlib python-distlib-whl python-html5lib python-html5lib-whl", " python-pip python-pip-whl python-requests-whl python-setuptools", " python-setuptools-whl python-six-whl python-urllib3-whl python-wheel", " python2.7-dev python3-pkg-resources", "0 upgraded, 31 newly installed, 0 to remove and 8 not upgraded.", "Need to get 44.3 MB of archives.", "After this operation, 83.2 MB of additional disk space will be used.", "Get:1 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libexpat1-dev amd64 2.1.0-4ubuntu1.1 [115 kB]", "Get:2 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libpython2.7-dev amd64 2.7.6-8ubuntu0.2 [22.0 MB]", "Get:3 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libstdc++-4.8-dev amd64 4.8.4-2ubuntu1~14.04.1 [1051 kB]", "Get:4 http://archive.ubuntu.com/ubuntu/ trusty-updates/main g++-4.8 amd64 4.8.4-2ubuntu1~14.04.1 [18.1 MB]", "Get:5 http://archive.ubuntu.com/ubuntu/ trusty/main g++ amd64 4:4.8.2-1ubuntu6 [1490 B]", "Get:6 http://archive.ubuntu.com/ubuntu/ trusty-updates/main libdpkg-perl all 1.17.5ubuntu5.5 [179 kB]", "Get:7 http://archive.ubuntu.com/ubuntu/ trusty-updates/main dpkg-dev all 1.17.5ubuntu5.5 [726 kB]", "Get:8 http://archive.ubuntu.com/ubuntu/ trusty/main build-essential amd64 11.6ubuntu6 [4838 B]", "Get:9 http://archive.ubuntu.com/ubuntu/ trusty/main libalgorithm-diff-perl all 1.19.02-3 [50.0 kB]", "Get:10 http://archive.ubuntu.com/ubuntu/ trusty/main libalgorithm-diff-xs-perl amd64 0.04-2build4 [12.6 kB]", "Get:11 http://archive.ubuntu.com/ubuntu/ trusty/main libalgorithm-merge-perl all 0.08-2 [12.7 kB]", "Get:12 http://archive.ubuntu.com/ubuntu/ trusty/main libfile-fcntllock-perl amd64 0.14-2build1 [15.9 kB]", "Get:13 http://archive.ubuntu.com/ubuntu/ trusty/main libpython-dev amd64 2.7.5-5ubuntu3 [7078 B]", "Get:14 http://archive.ubuntu.com/ubuntu/ trusty-updates/main python3-pkg-resources all 3.3-1ubuntu2 [31.7 kB]", "Get:15 http://archive.ubuntu.com/ubuntu/ trusty-updates/universe python-chardet-whl all 2.2.1-2~ubuntu1 [170 kB]", "Get:16 http://archive.ubuntu.com/ubuntu/ trusty-updates/universe python-colorama all 0.2.5-0.1ubuntu2 [18.4 kB]", "Get:17 http://archive.ubuntu.com/ubuntu/ trusty-updates/universe python-colorama-whl all 0.2.5-0.1ubuntu2 [18.2 kB]", "Get:18 http://archive.ubuntu.com/ubuntu/ trusty-updates/main python2.7-dev amd64 2.7.6-8ubuntu0.2 [269 kB]", "Get:19 http://archive.ubuntu.com/ubuntu/ trusty/main python-dev amd64 2.7.5-5ubuntu3 [1166 B]", "Get:20 http://archive.ubuntu.com/ubuntu/ trusty-updates/universe python-distlib all 0.1.8-1ubuntu1 [113 kB]", "Get:21 http://archive.ubuntu.com/ubuntu/ trusty-updates/universe python-distlib-whl all 0.1.8-1ubuntu1 [140 kB]", "Get:22 http://archive.ubuntu.com/ubuntu/ trusty-updates/main python-html5lib all 0.999-3~ubuntu1 [83.5 kB]", "Get:23 http://archive.ubuntu.com/ubuntu/ trusty-updates/main python-html5lib-whl all 0.999-3~ubuntu1 [109 kB]", "Get:24 http://archive.ubuntu.com/ubuntu/ trusty-updates/main python-six-whl all 1.5.2-1ubuntu1 [10.5 kB]", "Get:25 http://archive.ubuntu.com/ubuntu/ trusty-updates/main python-urllib3-whl all 1.7.1-1ubuntu4 [64.0 kB]", "Get:26 http://archive.ubuntu.com/ubuntu/ trusty-updates/main python-requests-whl all 2.2.1-1ubuntu0.3 [227 kB]", "Err http://archive.ubuntu.com/ubuntu/ trusty-updates/main python-setuptools-whl all 3.3-1ubuntu2", " Connection failed [IP: 91.189.91.15 80]", "Get:27 http://archive.ubuntu.com/ubuntu/ trusty-updates/universe python-pip-whl all 1.5.4-1ubuntu3 [111 kB]", "Get:28 http://archive.ubuntu.com/ubuntu/ trusty-updates/main python-setuptools all 3.3-1ubuntu2 [230 kB]", "Get:29 http://archive.ubuntu.com/ubuntu/ trusty-updates/universe python-pip all 1.5.4-1ubuntu3 [97.2 kB]", "Get:30 http://archive.ubuntu.com/ubuntu/ trusty-updates/main python-wheel all 0.24.0-1~ubuntu1 [44.7 kB]", "Fetched 44.1 MB in 2min 15s (326 kB/s)"]}
So I ran vagrant ssh
and ran sudo apt-get update
inside the machine and got this error
Fetched 619 kB in 3s (173 kB/s)
Reading package lists... Done
W: An error occurred during the signature verification. The repository is not updated and the previous index files will be used. GPG error: http://archive.ubuntu.com trusty Release: The following signatures couldn't be verified because the public key is not available: NO_PUBKEY 16126D3A3E5C1192
W: Failed to fetch http://archive.ubuntu.com/ubuntu/dists/trusty/Release
W: Some index files failed to download. They have been ignored, or old ones used instead.
Any tips on how to fix this?
I've been using this role for a while, but suddenly having some trouble with it. I get the following error when running this:
TASK: [angstwad.docker_ubuntu | Install (or update) docker package] ***********
<10.0.1.30> REMOTE_MODULE apt name=docker-engine state=present
failed: [10.0.1.30] => {"failed": true, "parsed": false}
BECOME-SUCCESS-mrlqxwempmkpaykhqkiiphryxqgzmzgx
Traceback (most recent call last):
File "/home/ubuntu/.ansible/tmp/ansible-tmp-1445550195.85-96942197658441/apt", line 2258, in <module>
main()
File "/home/ubuntu/.ansible/tmp/ansible-tmp-1445550195.85-96942197658441/apt", line 554, in main
cache = apt.Cache()
File "/usr/lib/python2.7/dist-packages/apt/cache.py", line 107, in __init__
self.open(progress)
File "/usr/lib/python2.7/dist-packages/apt/cache.py", line 151, in open
self._cache = apt_pkg.Cache(progress)
SystemError: E:Unable to parse package file /var/lib/apt/lists/us-west-2.ec2.archive.ubuntu.com_ubuntu_dists_trusty-updates_main_i18n_Translation-en (1), E:The package lists or status file could not be parsed or opened.
OpenSSH_6.6.1, OpenSSL 1.0.1f 6 Jan 2014
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: auto-mux: Trying existing master
debug1: mux_client_request_session: master session id: 2
Shared connection to 10.0.1.30 closed.
FATAL: all hosts have already failed -- aborting
Any help would be greatly appreciated, thank you!
I'm experiencing this issue:
failed: [orchestra_vm] => {"failed": true, "parsed": false}
BECOME-SUCCESS-jvspektsacgiiafyvmwdbucorbumxbth
/usr/local/lib/python2.7/dist-packages/docker/utils/utils.py:486: UserWarning: docker.utils.create_host_config() is deprecated. Please use Client.create_host_config() instead.
'docker.utils.create_host_config() is deprecated. Please use '
Killed
OpenSSH_6.9p1, LibreSSL 2.1.7
debug1: Reading configuration data /Users/matias/.ssh/config
debug1: /Users/matias/.ssh/config line 12: Applying options for orchestra_vm
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 21: Applying options for *
debug1: auto-mux: Trying existing master
debug1: mux_client_request_session: master session id: 2
Shared connection to 127.0.0.1 closed.
When using this configuration:
- name: redis containers
docker:
name: myredis
image: redis
command: redis-server --appendonly yes
state: started
expose:
- 6379
volumes_from:
- mydata
Also, after receiving that error, my ssh connection breaks.
Looks like a problem with the version of docker-py and docker-compose. As a temporary solution, I've noticed there are variables that can be passed to use a specific version: pip_version_docker_py, pip_version_docker_compose. I've tried passing version '1.5' for both items but didn' t help. Any suggestion?
Hello,
Can you create a release ? and update your role in galaxy to add this release ?
Thanks,
version_compare(12.04, '<')
can lead to unexpected comparison result, version_compare('12.04', '<')
should be used instead.
Hey,
in recent commit this role now always installs docker using the Ubuntu stable repository docker.io package if you're on Ubuntu 14.04.
This is not so good since the verison of docker it supports is 1.01 where as the latest docker available on Docker's own repository is 1.3
It would be nice to add a flag that can be set to force always installing from docker's repository (e.g the lxc-docker package).
If sounds reasonable I can send a pull request
When setting:
kernel_pkg_state: present
install_kernel_extras: true
The expected behaviour should be to install the current kernel extras. However a kernel upgrade is performed. I believe the problem is because you are installing linux-image-extra-virtual and that is not versioned so it'll trigger a kernel upgrade regardless.
This is on Ubuntu 14.04
Thanks
Getting an error when using the docker.io package instead of lxc:
TASK: [docker.ubuntu | Fix DNS in docker.io] **********************************
fatal: [ubuntu-access-bm] => One or more undefined variables: 'ansible_docker0' is undefined
It seems that the DOCKER_OPTS variable either isn't being loaded or isn't being read when systemd goes to start Docker. This results in, for example, being unable to expose the docker daemon on a port.
The referenced PR is a hack to get around this problem, though I suspect the root cause is PEBKAC. If there is a better way around this I'd love to throw my PR away.
I am using the ubuntu/wily64 Vagrant box. For reference, my playbook.yml is as follows:
- hosts: all
sudo: true
roles:
- role: roles/docker.ubuntu
docker_opts: >
-H unix://
-H tcp://0.0.0.0:2375
--log-level=debug
I don't need docker-compose or docker-py, so the pip installs of these packages are superfluous. It'd be great to have an option to skip their install.
I'm using the role like this:
- name: Start sandbox
docker:
name: blah
image: caarlos0/blah
pull: always
state: reloaded
ports:
- 5000:5000
It works the first time, but if I try to run it again, I got:
Unable to remove filesystem for e086067abf98152eeae0157b212ff7514b571412a081c810431b31c4e645f67b: remove /var/lib/docker/containers/e086067abf98152eeae0157b212ff7514b571412a081c810431b31c4e645f67b/shm
Am I doing something wrong?
I already updated the kernel and everything else.
$ uname -a
Linux automation.prod.contaazul.local 3.13.0-83-generic #127-Ubuntu SMP Fri Mar 11 00:25:37 UTC 2016 x86_64 x86_64 x86_64 GNU/Linux
$ docker -v
Docker version 1.11.0, build 4dc5990
See issues caused by device mapper in upstream issue: moby/moby#12750 (comment)
I must execute docker_ubuntu role with become: yes
because it requires administrative privileges to do the tasks. The final task in docker_ubuntu performs a setup
action, which alters variables. In my case, tasks in roles following the docker_ubuntu role needed to use the HOME
environment variable, but the call to setup
caused my environment to be set to root
's environment (and therefore, HOME
to be set to /root
).
Is there a way to avoid calling setup
, or at the very least, can it please be much more tightly restricted (see the available options for setup
)? I don't understand to what this docker.io
relates. It appears to be a deprecated name for the Docker package. If it is, could this please be removed entirely?
I'm not sure about how the pip module works, but is really necessary that every time a playbook runs the following should happen (the 2 last install are always changed):
TASK: [angstwad.docker_ubuntu | Upgrade latest pip, setuptools, docker-py and docker-compose with pip] ***
ok: [fe-web1-acc] => (item={'version': u'latest', 'name': 'pip'})
ok: [fe-web1-acc] => (item={'version': u'latest', 'name': 'setuptools'})
changed: [fe-web1-acc] => (item={'version': u'latest', 'name': 'docker-py'})
changed: [fe-web1-acc] => (item={'version': u'latest', 'name': 'docker-compose'})
I've been using this role for a while, but recently have it making my builds fail trying to install docker-compose. I get this:
Successfully built docker-compose docopt PyYAML texttable dockerpty enum34 functools32
Installing collected packages: docopt, PyYAML, requests, texttable, six, backports.ssl-match-hostname, websocket-client, docker-py, dockerpty, functools32, jsonschema, enum34, docker-compose
Found existing installation: PyYAML 3.10
:stderr: /usr/local/lib/python2.7/dist-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:315: SNIMissingWarning: An HTTPS request has been made, but the SNI (Subject Name Indication) extension to TLS is not available on this platform. This may cause the server to present an incorrect TLS certificate, which can cause validation failures. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#snimissingwarning.
SNIMissingWarning
/usr/local/lib/python2.7/dist-packages/pip/_vendor/requests/packages/urllib3/util/ssl_.py:120: InsecurePlatformWarning: A true SSLContext object is not available. This prevents urllib3 from configuring SSL appropriately and may cause certain SSL connections to fail. For more information, see https://urllib3.readthedocs.org/en/latest/security.html#insecureplatformwarning.
InsecurePlatformWarning
Detected a distutils installed project ('PyYAML') which we cannot uninstall. The metadata provided by distutils does not contain a list of files which have been installed, so pip does not know which files to uninstall.
Nothing in my scripts changed. Seems like this is an issue with new docker-compose installation (which I'm not sure is even needed for this role in the first place).
This role installs both docker.io (from Ubuntu) and lxc-docker (from Docker), which are conflicting packages. So every time you rerun this role it uninstalls lxc-docker, then installs docker.io, then uninstalls docker.io and installs lxc-docker when a rerun should just be a no-op.
Why does it do this and how can we prevent it? This information should be present in the README.
Why ansible-galaxy
still installs v1.1.1, whereas from list of project's tag it looks like it should fetch 1.1.4?
$ ansible-galaxy install angstwad.docker_ubuntu
- downloading role 'docker_ubuntu', owned by angstwad
- downloading role from https://github.com/angstwad/docker.ubuntu/archive/v1.1.1.tar.gz
...
When running this role I get the following failure:
TASK: [angstwad.docker_ubuntu | Wait for instance to come online] *************
failed: [default] => {"failed": true, "item": "", "parsed": false}
invalid output was: [sudo via ansible, key=yosluhsfhkvlpklimvuitxmcczbavklm] password:
FATAL: all hosts have already failed -- aborting
In order to prevent the use of devicemapper which is total crap (moby/moby#8176), we should install linux-image-extra-$(uname -r)
and linux-image-extra-virtual
as per https://github.com/docker/docker/blob/b89d04dd62e1a779f449804772c5bc5b64af65e8/hack/install.sh#L126-L145
Installation on 12.04.5 fails with:
TASK: [docker.ubuntu | Install backported trusty kernel onto 12.04] ***********
failed: [1204host] => (item=linux-image-generic-lts-trusty,linux-headers-generic-lts-trusty) => {"failed": true, "item": "linux-image-generic-lts-trusty,linux-headers-generic-lts-trusty"}
msg: Could not fetch updated apt files
FATAL: all hosts have already failed -- aborting
And here's the apt-get update
output:
Err http://get.docker.io docker/main amd64 Packages
Undetermined Error
Err http://get.docker.io docker/main i386 Packages
Undetermined Error
Ign http://get.docker.io docker/main Translation-en_US
Ign http://get.docker.io docker/main Translation-en
100% [Working] 16.2 MB/s 0sW: Failed to fetch http://get.docker.io/ubuntu/dists/docker/main/binary-amd64/Packages Undetermined Error
W: Failed to fetch http://get.docker.io/ubuntu/dists/docker/main/binary-i386/Packages Undetermined Error
E: Some index files failed to download. They have been ignored, or old ones used instead.
Similar issue is described here.
Not sure if this is related to #27, but I hit this error during the Docker-py install:
{"cmd": "/usr/bin/pip install docker-py", "failed": true}
msg:
:stderr: Traceback (most recent call last):
File "/usr/bin/pip", line 9, in <module>
load_entry_point('pip==1.5.4', 'console_scripts', 'pip')()
File "/usr/lib/python2.7/dist-packages/pkg_resources.py", line 351, in load_entry_point
return get_distribution(dist).load_entry_point(group, name)
File "/usr/lib/python2.7/dist-packages/pkg_resources.py", line 2363, in load_entry_point
return ep.load()
File "/usr/lib/python2.7/dist-packages/pkg_resources.py", line 2088, in load
entry = __import__(self.module_name, globals(),globals(), ['__name__'])
File "/usr/lib/python2.7/dist-packages/pip/__init__.py", line 11, in <module>
from pip.vcs import git, mercurial, subversion, bazaar # noqa
File "/usr/lib/python2.7/dist-packages/pip/vcs/mercurial.py", line 9, in <module>
from pip.download import path_to_url
File "/usr/lib/python2.7/dist-packages/pip/download.py", line 25, in <module>
from requests.compat import IncompleteRead
ImportError: cannot import name IncompleteRead
I was able to solve it by sshing in and running easy_install -U pip
which upgraded to 6.0.8
I am using docker 1.3.3
, and docker-py
0.6.0
.
On a new machine, I found out this role installed docker-py
0.7.0
, which uses a newer API version, and return error on every docker module task.
My current "fix":
---
- name: Remove Docker-py with wrong version
pip:
name: "docker-py"
state: "absent"
- name: Install Docker-py with correct version
pip:
name: "docker-py"
state: "present"
version: 0.6.0
Hi,
I have a really simple ansible playbook that is failing on the first task of the docker install.
name: Install the dbserver components
hosts: dbservers
vars_files:
roles:
The var file contains,
kernel_pkg_state: present
The way I execute the playbook is,
ansible-playbook -i development sites.yml --ask-pass --ask-sudo-pass
I leave the ssh and sudo password the same. The error I get is,
failed: [remotemachine.blahblah.com] => (item=linux-image-generic-lts-raring,linux-headers-generic-lts-raring) => {"cmd": "DEBIAN_FRONTEND=noninteractive DEBIAN_PRIORITY=critical /usr/bin/apt-get -y -o Dpkg::Options::=--force-confdef -o Dpkg::Options::=--force-confold install linux-image-generic-lts-raring linux-headers-generic-lts-raring", "failed": true, "item": "linux-image-generic-lts-raring,linux-headers-generic-lts-raring", "rc": 2}
msg: [Errno 2] No such file or directory
The remote machine is running Ubuntu 12.04 and currently has the Precise kernel and Docker 1.1.1 installed.
When I try to apt-get install the raring kernels from an ssh terminal, I get no errors.
Would it be possible to add official support for Debian (notably Jessie)?
TASK [angstwad.docker_ubuntu : Fail if not a new release of Ubuntu] ************
fatal: [newmachine]: FAILED! => {"failed": true, "msg": "ERROR! The conditional check 'ansible_distribution_version|version_compare(12.04, '<') or ansible_distribution_version|version_compare(12.10, '=')' failed.
The error was: ERROR! Version comparison: 'ansible_distribution_version' is undefined\n\nThe error appears to have been in '/usr/local/etc/ansible/roles/angstwad.docker_ubuntu/tasks/main.yml': line 3, column 3, but may\nbe elsewhere in the file depending on the exact syntax problem.\n\nThe offending line appears to be:\n\n# tasks file for docker.ubuntu\n- name: Fail if not a new release of Ubuntu\n ^ here\n"}
$ ansible --version
ansible 2.0.0.1
This is w/ 1.1.1
ERROR! Syntax Error while loading YAML.
The error appears to have been in '/ansible/roles/angstwad.docker_ubuntu/LICENSE': line 92, column 36, but may
be elsewhere in the file depending on the exact syntax problem.The offending line appears to be:
modifications, and in Source or Object form, provided that You meet the following conditions: ^ here
/ansible/roles/angstwad.docker_ubuntu/LICENSE:1: Expected key=value host variable assignment, got: License
when I remove this file:
ERROR! /ansible/roles/angstwad.docker_ubuntu/README.md:4: Invalid section entry: ''. Please make sure that there are no spacesin the section entry, and that there are no other invalid characters
when I remove it:
ERROR! Syntax Error while loading YAML.
The error appears to have been in '/ansible/roles/angstwad.docker_ubuntu/Vagrantfile': line 37, column 42, but may
be elsewhere in the file depending on the exact syntax problem.The offending line appears to be:
vms.vm.network :private_network, ip: box[:ip] ^ here
/ansible/roles/angstwad.docker_ubuntu/Vagrantfile:4: Expected key=value host variable assignment, got: File.basename(File.expand_path(File.dirname(FILE)))
and when I finally remove this I get:
ERROR! 'AnsibleSequence' object has no attribute 'keys'
/ansible/roles/angstwad.docker_ubuntu/docker.yml:2: Expected key=value host variable assignment, got: hosts:
any idea whats wrong?
Is there option to install specific version of docker e.g. using env variable?
I am probably being an idiot, however, I can't seem to provision this with ansible and vagrant. I keep getting permission issues when updating apt. I am calling the role with sudo as well, but that doesn't seem to propagate down.
I am running Ubuntu 14.04 trusty64
ansible 1.9.0.1
ansible-playbook 1.9.0.1
When I get to the Add Docker repository and update apt cache
step I get the following:
TASK: [docker.ubuntu | Add Docker repository and update apt cache] ************
<127.0.0.1> ESTABLISH CONNECTION FOR USER: vagrant
<127.0.0.1> REMOTE_MODULE apt_repository state=present repo='deb https://apt.dockerproject.org/repo ubuntu-trusty main'
<127.0.0.1> EXEC ssh -C -tt -vvv -o UserKnownHostsFile=/dev/null -o IdentitiesOnly=yes -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/Users/george/.ansible/cp/ansible-ssh-%h-%p-%r" -o StrictHostKeyChecking=no -o Port=2222 -o IdentityFile="/Users/george/personal/GeorgeMac/web2/.vagrant/machines/default/virtualbox/private_key" -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=vagrant -o ConnectTimeout=30 127.0.0.1 /bin/sh -c 'mkdir -p $HOME/.ansible/tmp/ansible-tmp-1453055707.24-233988419299979 && echo $HOME/.ansible/tmp/ansible-tmp-1453055707.24-233988419299979'
<127.0.0.1> PUT /var/folders/lz/sycggpkn1ws6kj4jgs4p_jqm0000gn/T/tmpZvOzpI TO /home/vagrant/.ansible/tmp/ansible-tmp-1453055707.24-233988419299979/apt_repository
<127.0.0.1> EXEC ssh -C -tt -vvv -o UserKnownHostsFile=/dev/null -o IdentitiesOnly=yes -o ControlMaster=auto -o ControlPersist=60s -o ControlPath="/Users/george/.ansible/cp/ansible-ssh-%h-%p-%r" -o StrictHostKeyChecking=no -o Port=2222 -o IdentityFile="/Users/george/personal/GeorgeMac/web2/.vagrant/machines/default/virtualbox/private_key" -o KbdInteractiveAuthentication=no -o PreferredAuthentications=gssapi-with-mic,gssapi-keyex,hostbased,publickey -o PasswordAuthentication=no -o User=vagrant -o ConnectTimeout=30 127.0.0.1 /bin/sh -c 'LANG=en_US.UTF-8 LC_CTYPE=en_US.UTF-8 /usr/bin/python /home/vagrant/.ansible/tmp/ansible-tmp-1453055707.24-233988419299979/apt_repository; rm -rf /home/vagrant/.ansible/tmp/ansible-tmp-1453055707.24-233988419299979/ >/dev/null 2>&1'
failed: [default] => {"failed": true}
msg: [Errno 13] Permission denied: '/etc/apt/sources.list.d/.apt_dockerproject_org_repo.list-HW7gKA'
FATAL: all hosts have already failed -- aborting
Short of messing with the role source to add sudo permissions. Could anyone give me some advice?
Cheers!
TASK: [angstwad.docker_ubuntu | Install Docker-py] ****************************
failed: [default] => {"cmd": "/usr/bin/pip install docker-py", "failed": true}
msg:
:stderr: Traceback (most recent call last):
File "/usr/bin/pip", line 9, in
load_entry_point('pip==1.5.4', 'console_scripts', 'pip')()
File "/usr/lib/python2.7/dist-packages/pkg_resources.py", line 351, in load_entry_point
return get_distribution(dist).load_entry_point(group, name)
File "/usr/lib/python2.7/dist-packages/pkg_resources.py", line 2363, in load_entry_point
return ep.load()
File "/usr/lib/python2.7/dist-packages/pkg_resources.py", line 2088, in load
entry = import(self.module_name, globals(),globals(), ['name'])
File "/usr/lib/python2.7/dist-packages/pip/init.py", line 11, in
from pip.vcs import git, mercurial, subversion, bazaar # noqa
File "/usr/lib/python2.7/dist-packages/pip/vcs/mercurial.py", line 9, in
from pip.download import path_to_url
File "/usr/lib/python2.7/dist-packages/pip/download.py", line 25, in
from requests.compat import IncompleteRead
ImportError: cannot import name IncompleteRead
FATAL: all hosts have already failed -- aborting
After "easy_install -U pip" this error disappears:
http://stackoverflow.com/questions/27341064/how-do-i-fix-importerror-cannot-import-name-incompleteread
I think have found an issue if this role is used together with custom storage options designed to enable direct-lvm mode https://docs.docker.com/engine/userguide/storagedriver/device-mapper-driver/
The issue arises because after the DOCKER_OPTS variable is configured, there is no restart of the docker daemon. As a result, the initial install of the docker daemon will be running with the thin pool device mapped to the loop back device instead of the thin pool device of the intended volume group. When the docker daemon is subsequently restarted the thin pool device implied by the storage options will be used which, of course, is a different device.
Through Ansible 1.5
and Vagrant 1.5
on the following box:
https://vagrantcloud.com/parallels/ubuntu-13.10
TASK: [angstwad.docker_ubuntu | Fail if not a new release of Ubuntu] **********
skipping: [192.168.50.30]
TASK: [angstwad.docker_ubuntu | Install raring kernel onto 12.04] *************
skipping: [192.168.50.30]
TASK: [angstwad.docker_ubuntu | Install latest kernel extras for Ubuntu 13.04+] ***
ok: [192.168.50.30]
TASK: [angstwad.docker_ubuntu | Reboot instance] ******************************
skipping: [192.168.50.30]
TASK: [angstwad.docker_ubuntu | Wait for instance to come online] *************
skipping: [192.168.50.30]
TASK: [angstwad.docker_ubuntu | Add Docker repository key] ********************
changed: [192.168.50.30]
TASK: [angstwad.docker_ubuntu | Add Docker repository] ************************
failed: [192.168.50.30] => {"failed": true, "item": ""}
msg: Could not import python modules: pycurl. Please install python-pycurl package.
FATAL: all hosts have already failed -- aborting
Any clue?
Thanks
I'm trying to use this role in my playbook. I'm getting a failure with apt. Do I need to be using sudo:yes at the playbook level? Thanks!
TASK: [angstwad.docker_ubuntu | Install (or update) docker package] ***********
<x.x.x.x> REMOTE_MODULE apt name=lxc-docker state=present
<x.x.x.x> REMOTE_MODULE apt name=lxc-docker state=present
failed: [x.x.x.x] => {"failed": true}
msg: Failed to lock apt for exclusive operation
failed: [x.x.x.x] => {"failed": true}
msg: Failed to lock apt for exclusive operation
FATAL: all hosts have already failed -- aborting
PR #92 introduced a number of helpful new options to install docker-py, docker-compose, and supporting Python packages. At the moment, these are all set to true
, meaning that an unsuspecting user of docker.ubuntu will have pip
, a new version of setuptools
, docker-py
, and docker-compose
installed on her machine.
While most users will appreciate these tools, as a principle, it seems better to seek the user's consent, rather than install software the user may not need, especially without the user's awareness. In other words, follow the Principle of Least Surprise. docker.ubuntu seems to follow this philosophy for other items, for example, the linux-image-extras. So this brings the installation of Python-related tooling to be consistent with that philosophy.
I see a couple of inter-related issues here:
All of the pip install settings in the defaults should change to false
.
This also includes the installation of pip
itself via apt installation of python-pip
and python-dev
. This action should happen with the user's consent. Document these options as a convenience provided by docker.ubuntu if they want to install the Docker-related tools.
There exists a chance for contradiction in the settings, whereby, the user can specify true
to install a tool like docker-compose
, yet false
for a dependency like pip
. I see two solutions:
In this solution, explicit user-approval for a tool creates implicit user-approval of the tool's dependencies. Setting pip_install_docker_compose
to true
implies that pip
must be available on the system. Similarly, setting pip_install_docker_py
also implies that pip
must be available. This dependency should be captured, and the need to install pip
should be computed as a dependency, and installed if either setting is set to true
(or both settings are set to true
).
In this case, it seems best not to even expose an option on controlling the installation of pip
, itself. Document the dependency, and that user consent to pip_install_docker_py
/pip_install_docker_compose
implies consent to install the necessary Python dependencies. Consider the case where the user sets pip_install_pip
to true
, but pip_install_docker_py
and docker_compose
both to false
. This would cause docker.ubuntu
to providing functionality unrelated to Docker (installing pip
).
In the second scenario, all the configuration values remain (but still set to false
by default). When the user enters an incompatible combination, such as pip_install_pip: false
and pip_install_docker_py: true
, issue an error warning of contradictory settings.
I think this option will be more frustrating to the user.
There are a number of roles on Ansible Galaxy for installing pip; would it be possible to use one of those as a dependency? Alternatively, since this is a pretty small installation, at least consider turning the installation of pip into a first-party role inside docker.ubuntu. Then installation of docker-py and docker-compose can create a dependency on that role.
Using Ansible 1.5
on Vagrant 1.5
on this image:
https://vagrantcloud.com/rogeriopradoj/trusty64
I get the following when using this role:
TASK: [angstwad.docker_ubuntu | Fail if not a new release of Ubuntu] **********
skipping: [192.168.50.30]
TASK: [angstwad.docker_ubuntu | Install raring kernel onto 12.04] *************
skipping: [192.168.50.30]
TASK: [angstwad.docker_ubuntu | Install latest kernel extras for Ubuntu 13.04+] ***
failed: [192.168.50.30] => {"failed": true, "item": ""}
msg: No package matching 'linux-image-extra-3.13.0-11-generic' is available
FATAL: all hosts have already failed -- aborting
Any idea?
Here is the error which i am getting starting recently:
TASK: [docker.ubuntu | Add Docker repository key] *****************************
failed: [test-host] => {"failed": true}
msg: Failed to download key at http://get.docker.com/gpg: Request failed: <urlopen error [Errno 1] _ssl.c:510: error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure>
This isn't a problem with docker.ubuntu, but maybe it should be pinned to 1.9.0 until it is resolved:
After installing docker.ubuntu, when you try to actually do any docker commands, in this case, docker_login
{"changed": false, "failed": true, "msg": "Failed to import docker-py - No module named types. Try `pip install docker-py`"}
Recommended way to specify options doesn't work. Example is bellow
My opts variable looks like this
# The following help expose a docker port or to add additional options when
# running docker daemon. The default is to not use any special options.
#docker_opts: >
# -H unix://
# -H tcp://0.0.0.0:2375
# --log-level=debug
docker_opts: >
-H unix:///var/run/docker.sock
-H tcp://0.0.0.0:2376
--tlsverify
--tlscacert=/etc/ssl/certs/docker-ca.pem
--tlscert=/etc/ssl/certs/{{ hostname }}-cert.pem
--tlskey=/etc/ssl/private/{{ hostname }}-priv-key.pem
# List of users to be added to 'docker' system group (disabled by default)
...
It produces followed result:
$ cat /etc/systemd/system/docker.service.d/env.conf
[Service]
Environment="DOCKER_OPTS=-H unix:///var/run/docker.sock -H tcp://0.0.0.0:2376 --tlsverify --tlscacert=/etc/ssl/certs/docker-ca.pem --tlscert=/etc/ssl/certs/docker-host-n1-cert.pem --tlskey=/etc/ssl/private/docker-host-n1-priv-key.pem
"
Because double quotes located on the new line, no parameters are actually applied.
I fixed it by specifying opts in old-style-one-line way:
docker_opts: "-H unix:///var/run/docker.sock -H tcp://0.0.0.0:2376 --tlsverify --tlscacert=/etc/ssl/certs/docker-ca.pem --tlscert=/etc/ssl/certs/{{ hostname }}-cert.pem --tlskey=/etc/ssl/private/{{ hostname }}-priv-key.pem"
And now it works fine
See this comment: e1380bf#commitcomment-9975113
Related issue: #23
Version 1.2 of Docker-Py has broken the Ansible docker plugin. They've committed a fix, but it hasn't been released in a stable version.
In the meantime, docker.ubuntu can resolve by forcing pip to install version 1.1 of Docker.py instead of using the latest.
(See discussion: ansible/ansible#10879)
I've been using this for a while and noticed that docker_pkg_name no longer works the way it used to. The default package is now docker-engine and you can no longer install specific packages with options like: docker_pkg_name: lxc-docker-1.6.2
. Is there a new workaround here to peg the version? Installing whatever version happens to be the newest feels very dangerous.
I noticed the 12.04 installation instructions are a bit out of date. Let's take a look at the tasks and ensure we're following the "supported" installation procedure, and community best practices wherever applicable.
This is a common problem when running docker on ubuntu: http://askubuntu.com/questions/475764/docker-io-dns-doesnt-work-its-trying-to-use-8-8-8-8
I fixed it with:
- lineinfile: dest=/etc/default/docker regexp="DOCKER_OPTS=" line='DOCKER_OPTS="--dns {{ ansible_docker0.ipv4.address }}"'
notify: restart docker
- meta: flush_handlers
- pause: seconds=1
I get this failure when building on a ubuntu trusty host:
PLAY [dockerubuntu] ***********************************************************
GATHERING FACTS ***************************************************************
ok: [localhost]
TASK: [angstwad.docker_ubuntu | Fail if not a new release of Ubuntu] **********
fatal: [localhost] => error while evaluating conditional: ansible_distribution_version|version_compare(12.04, '<') or ansible_distribution_version|version_compare(12.10, '=')
FATAL: all hosts have already failed -- aborting
PLAY RECAP ********************************************************************
to retry, use: --limit @/root/docker.yaml.retry
localhost : ok=1 changed=0 unreachable=1 failed=0
ansible -m setup localhost
full output here:
http://sprunge.us/SRKH
with the relevant section here:
"ansible_distribution": "Ubuntu",
"ansible_distribution_release": "trusty",
"ansible_distribution_version": "14.04",
the execution line:
virtualbox-iso: Executing Ansible: cd /tmp/packer-provisioner-ansible-local && ANSIBLE_FORCE_COLOR=1 PYTHONUNBUFFERED=1 ansible-playbook /tmp/packer-provisioner-ansible-local/docker.yaml --limit localhost -c local -i /tmp/packer-provisioner-ansible-local/hosts
repo with packer build that is my exact setup on how I got this error:
https://github.com/joshuacox/dacksible
anyone should be able to cd
into the packer directory and make vbox
to get the exact error as above. Given that you have virtual box, vagrant, and packer installed amongst any other dependencies I'm forgetting.
I'm sure I'm doing something wrong as I'm still abit new to Ansible, but if anyone can shed some light on why this is failing I'd love to figure it out.
See here and here for more details. Workaround is installing an older version of docker-py:
tasks:
- name: Install docker-py
pip: name=docker-py version=1.1.0
And it could be set with pip_version_docker_py
.
I'm not sure about a proper way to solve this. One of the solutions could be setting default pip_version_docker_py
to 1.1.0 if ansible version is below some value.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.